Archive | Countermeasures


14 June 2006 | 7,907 views

Spam – A Simple Guide To Keeping Your Inbox Clean

In my opinion, the best way to keep clean of spam is simple: The first rule is NEVER reply to spam, NEVER click the unsubscribe link and NEVER e-mail to the unsubscribe address. These are simply underhand tactics to get ‘active’ e-mail addresses. Some other tips to avoid getting spammed in the first place: 1) [...]

Continue Reading


31 May 2006 | 3,582 views

Without OneCare in the World.

Today sees the launch of “OneCare”, Microsofts “secrity solution”. Combining firewall, anti-virus and anti-spyware in to one handy package…. but would you trust it? I guess many people will, and over time we will find out if its a well spent $49.99 or not, but for me? I don’t think so. Microsoft do many things, [...]

Continue Reading


25 May 2006 | 5,815 views

South-East Asia Vulnerable to Cyber Terrorism

Interesting to see this just a little while after Malaysia announced IMPACT, it’s anti cyber-terrorist task force.. IMPACT is its name, and making an impact in the battle against cyber-terrorism is its mission. Unveiled in Austin, Texas, the Malaysian initiative seeks to bring together governments and the international private sector to deal with increasing threats [...]

Continue Reading


17 May 2006 | 5,305 views

Source Code & Software Security Analysis with BogoSec

Bogosec is essentially a tool for finding security vulnerabilities in source code. BogoSec aims to increase awareness regarding code security vulnerabilities, while encouraging developers to produce more secure code over time. By simplifying the code scanning process, BogoSec achieves a goal of allowing developers to scan their code regularly and more effectively. BogoSec is a [...]

Continue Reading


16 May 2006 | 39,044 views

Anonymity – Hiding Your Identity in 2006

Introduction Anonymity is derived from the greek word ἀνωνυμία (anonymia), meaning without a name or name-less. In colloquial use, the term typically refers to a person, and often means that the Ppersonal identity, or personally identifiable information of that person is not known. The main question is of course, what are you trying to hide? [...]

Continue Reading


16 May 2006 | 7,486 views

Browser Security Test – Check Your Browser NOW!

I know this is old, but a lot of people still don’t know about it. It can test for up to date Mozilla, Opera and Internet Explorer flaws, exploits and vulnerabilities. Browser vulnerabilities are a serious issue now. You can see which vulnerabilities they test for here and the statistics of the tests results here. [...]

Continue Reading


15 May 2006 | 7,629 views

OSSEC HIDS – Open Source Host-based Intrusion System

OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows. This is the first version offering native support for Windows (XP/2000/2003). It includes as well a new set of [...]

Continue Reading


19 April 2006 | 38,968 views

Good Password Guidelines – How to Make a Strong/Secure Password

It’s common sense for most people on the hacking side of computer security as we know how easy it is to break a password when it’s only a few characters long or it uses a dictionary word (even if it is postfixed with a couple of digits, a hybrid dictionary attack breaks it pretty fast). [...]

Continue Reading


05 April 2006 | 118,949 views

AJAX: Is your application secure enough?

Introduction We see it all around us, recently. Web applications get niftier by the day by utilising the various new techniques recently introduced in a few web-browsers, like I.E. and Firefox. One of those new techniques involves using Javascript. More specifically, the XmlHttpRequest-class, or object. Webmail applications use it to quickly update the list of [...]

Continue Reading


27 March 2006 | 8,292 views

Sealing Wafter – Defend Against OS Fingerprinting for OpenBSD

One way to defend against OS fingerprinting from tools such as nmap, queso, p0f, xprobe etc is to change the metrics that they base their analysis on. One way to do this with OpenBSD is to use Sealing Wafter. Goals of Sealing Wafter: 1. To reduce OS detection based on well known fingerprints network stack [...]

Continue Reading